发表新帖
发表新帖

@WebFilter exclude url-pattern

后端 未结
关注
2 646
轮回少年
轮回少年 2020-12-24 14:05

I use a filter to check URL patterns for the logged in user.

But I have many URL patterns I need to filter.

{ \"/table/*\", \"/user/*\", \"/contact/*
2条回答
  • 余生分开走
    余生分开走 (楼主)
    2020-12-24 14:49

    The servlet API doesn't support an "exclude" URL pattern.

    Your best bet is to just map on /* and compare the HttpServletRequest#getRequestURI() against the set of allowed paths.

    @WebFilter("/*")
public class LoginFilter implements Filter {

    private static final Set ALLOWED_PATHS = Collections.unmodifiableSet(new HashSet<>(
        Arrays.asList("", "/login", "/logout", "/register")));

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;
        HttpSession session = request.getSession(false);
        String path = request.getRequestURI().substring(request.getContextPath().length()).replaceAll("[/]+$", ""); 

        boolean loggedIn = (session != null && session.getAttribute("Id") != null);
        boolean allowedPath = ALLOWED_PATHS.contains(path);

        if (loggedIn || allowedPath) {
            chain.doFilter(req, res);
        }
        else {
            response.sendRedirect(request.getContextPath() + "/login");
        }
    }

    // ...
}

    0 讨论(0)
 看不清?
提交回复
热议问题